How search engines help hackers as well as the rest of us
One of the most useful weapons in a hacker's armoury is the everyday search engine. I use them to research my articles, but hackers can use them to find private information. Google is my example in this article because of its familiarity and popularity, but most of these tricks can be done using any search engine.
�If you invent something smart, people will find a way to exploit it.�
I've been to the Googleplex in Silicon Valley and met a lot of the people who work there. They seemed like good guys to me - the food in their caf� was vegetarian and the sun was shining. But it's the old story: if you invent something smart and powerful, bad people will find a way to exploit it.
Here's how hackers use Google to break into websites and find private information:
Combining these kinds of searches with automated tools makes it easy for the bad guys to examine thousands of websites quickly and find vulnerable sites.
Protect your website and protect your data
�The most basic step to protect your website is also the most effective.�
The most basic step to protect your website is also the most effective: don't put private information on it. Review the information you have there already, including hidden files. Is there anything that shouldn't be there? Be especially careful about personal information such as names, addresses, passwords and so on.
Consider excluding individual pages or branches of your website from the search engines. Different search engines do this in different ways, so check online about how to do this. If you don't want people to be able to find your site at all by searching then you can remove it from Google and other search engines completely. There is some information on search engine exclusion here - just remember that a public website is still public even if it isn't being searched.
Matthew Stibbe writes a new column every fortnight. Sign up to our security bulletin to read them.